CVE-2013-6382

Multiple buffer underflows in the XFS implementation in the Linux kernelthrough 3.12.1 allow local users to cause a denial of service (memorycorruption) or possibly have unspecified other impact by leveraging theCAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2)XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value,related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c andthe xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.

Ubuntu-Description

Nico Golde and Fabian Yamaguchi reported buffer underflow errors in theimplementation of the XFS filesystem in the Linux kernel. A local user withCAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memorycorruption) or possibly other unspecified issues.